The city of Riviera Beach, Florida, has agreed to pay hackers about $600,000 in bitcoin to end a ransomware attack that crippled the city’s IT infrastructure for nearly a month.
Riviera Beach is one of several governmental units hit by ransomware attacks during the last several months. For example, Baltimore is still recovering from a May 7 attack that has cost $18 million for recovery so far. But it chose not to pay a ransom.
City officials did not reveal many details about the ransomware attack, other than to note it’s under investigation by local police and the FBI. Interim City Manager Deirdre Jacobs noted at a city council meeting where the ransom payment was approved that the city plans to issue a report when the investigation is complete.
It’s not clear what strain of ransomware affected the city’s network, although the Palm Beach Post reports that it started when someone in the city’s police department opened up a phishing email on May 29. The city did not disclose the attack until June 5, when it posted a small notice on its website explaining that the municipality was experiencing a “data security event.”
Besides agreeing to pay the ransom, the city council voted earlier to pay $900,000 to buy new computers and equipment, according to news reports. At a council meeting, Justin Williams, the city’s interim IT manager, noted the city’s websites and email had been restored along with the financial systems and software, but several other systems were not yet restored, including back-up systems.
City officials said at the meeting that the city’s insurance would cover the ransom payment. The Palm Beach Post says insurance also would cover $300,000 worth of equipment expenses. Riviera Beach is the latest example of a growing trend of ransomware attacks targeting units of government. In May, threat-intelligence firm Recorded Future published a study that found an increase in ransomware attacks against local governments, with 53 incidents in 2018 and over 20 attacks so far this year.